148ffe56aSColin Percival.\"- 2db6b0a61SColin Percival.\" Copyright 2006, 2007 Colin Percival 348ffe56aSColin Percival.\" All rights reserved 448ffe56aSColin Percival.\" 548ffe56aSColin Percival.\" Redistribution and use in source and binary forms, with or without 648ffe56aSColin Percival.\" modification, are permitted providing that the following conditions 748ffe56aSColin Percival.\" are met: 848ffe56aSColin Percival.\" 1. Redistributions of source code must retain the above copyright 948ffe56aSColin Percival.\" notice, this list of conditions and the following disclaimer. 1048ffe56aSColin Percival.\" 2. Redistributions in binary form must reproduce the above copyright 1148ffe56aSColin Percival.\" notice, this list of conditions and the following disclaimer in the 1248ffe56aSColin Percival.\" documentation and/or other materials provided with the distribution. 1348ffe56aSColin Percival.\" 1448ffe56aSColin Percival.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 1548ffe56aSColin Percival.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 1648ffe56aSColin Percival.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1748ffe56aSColin Percival.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 1848ffe56aSColin Percival.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 1948ffe56aSColin Percival.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2048ffe56aSColin Percival.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2148ffe56aSColin Percival.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 2248ffe56aSColin Percival.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 2348ffe56aSColin Percival.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2448ffe56aSColin Percival.\" POSSIBILITY OF SUCH DAMAGE. 2548ffe56aSColin Percival.\" 2648ffe56aSColin Percival.\" $FreeBSD$ 2748ffe56aSColin Percival.\" 28*32f45927SMateusz Piotrowski.Dd November 14, 2020 2948ffe56aSColin Percival.Dt FREEBSD-UPDATE 8 30c0755420SEd Maste.Os 3148ffe56aSColin Percival.Sh NAME 3248ffe56aSColin Percival.Nm freebsd-update 3348ffe56aSColin Percival.Nd fetch and install binary updates to FreeBSD 3448ffe56aSColin Percival.Sh SYNOPSIS 3548ffe56aSColin Percival.Nm 3648ffe56aSColin Percival.Op Fl b Ar basedir 3748ffe56aSColin Percival.Op Fl d Ar workdir 3848ffe56aSColin Percival.Op Fl f Ar conffile 398935f242SAllan Jude.Op Fl F 4048ffe56aSColin Percival.Op Fl k Ar KEY 41db6b0a61SColin Percival.Op Fl r Ar newrelease 4248ffe56aSColin Percival.Op Fl s Ar server 4348ffe56aSColin Percival.Op Fl t Ar address 448935f242SAllan Jude.Op Fl -not-running-from-cron 4548ffe56aSColin Percival.Cm command ... 4648ffe56aSColin Percival.Sh DESCRIPTION 4748ffe56aSColin PercivalThe 4848ffe56aSColin Percival.Nm 4948ffe56aSColin Percivaltool is used to fetch, install, and rollback binary 50c0755420SEd Masteupdates to the 51c0755420SEd Maste.Fx 52c0755420SEd Mastebase system. 53764dd6b4SColin PercivalNote that updates are only available if they are being built for the 54c0755420SEd Maste.Fx 55c0755420SEd Masterelease and architecture being used; in particular, the 56764dd6b4SColin Percival.Fx 57764dd6b4SColin PercivalSecurity Team only builds updates for releases shipped in binary form 58764dd6b4SColin Percivalby the 59764dd6b4SColin Percival.Fx 60764dd6b4SColin PercivalRelease Engineering Team, e.g., 61764dd6b4SColin Percival.Fx 623f877103SEd Maste11.2-RELEASE and 63764dd6b4SColin Percival.Fx 643f877103SEd Maste12.0-RELEASE, but not 65764dd6b4SColin Percival.Fx 663f877103SEd Maste11.2-STABLE or 67764dd6b4SColin Percival.Fx 683f877103SEd Maste13.0-CURRENT. 6948ffe56aSColin Percival.Sh OPTIONS 70344c81a1SWarren BlockThe following options are supported: 718935f242SAllan Jude.Bl -tag -width "-r newrelease" 7248ffe56aSColin Percival.It Fl b Ar basedir 7348ffe56aSColin PercivalOperate on a system mounted at 7448ffe56aSColin Percival.Ar basedir . 7548ffe56aSColin Percival(default: 7648ffe56aSColin Percival.Pa / , 7748ffe56aSColin Percivalor as given in the configuration file.) 7848ffe56aSColin Percival.It Fl d Ar workdir 7948ffe56aSColin PercivalStore working files in 8048ffe56aSColin Percival.Ar workdir . 8148ffe56aSColin Percival(default: 8248ffe56aSColin Percival.Pa /var/db/freebsd-update/ , 8348ffe56aSColin Percivalor as given in the configuration file.) 8448ffe56aSColin Percival.It Fl f Ar conffile 8548ffe56aSColin PercivalRead configuration options from 8648ffe56aSColin Percival.Ar conffile . 8748ffe56aSColin Percival(default: 8848ffe56aSColin Percival.Pa /etc/freebsd-update.conf ) 898935f242SAllan Jude.It Fl F 908935f242SAllan JudeForce 918935f242SAllan Jude.Nm Cm fetch 92df7e2e0dSEd Masteto proceed in the case of an unfinished upgrade. 9348ffe56aSColin Percival.It Fl k Ar KEY 9448ffe56aSColin PercivalTrust an RSA key with SHA256 of 9548ffe56aSColin Percival.Ar KEY . 9648ffe56aSColin Percival(default: read value from configuration file.) 97db6b0a61SColin Percival.It Fl r Ar newrelease 9818a52cf4SEd MasteSpecify the new release (e.g., 11.2-RELEASE) to which 99db6b0a61SColin Percival.Nm 100db6b0a61SColin Percivalshould upgrade (upgrade command only). 10148ffe56aSColin Percival.It Fl s Ar server 10248ffe56aSColin PercivalFetch files from the specified server or server pool. 10348ffe56aSColin Percival(default: read value from configuration file.) 10448ffe56aSColin Percival.It Fl t Ar address 10548ffe56aSColin PercivalMail output of 10648ffe56aSColin Percival.Cm cron 10748ffe56aSColin Percivalcommand, if any, to 10848ffe56aSColin Percival.Ar address . 10948ffe56aSColin Percival(default: root, or as given in the configuration file.) 1108935f242SAllan Jude.It Fl -not-running-from-cron 1118935f242SAllan JudeForce 1128935f242SAllan Jude.Nm Cm fetch 1138935f242SAllan Judeto proceed when there is no controlling tty. 1148935f242SAllan JudeThis is for use by automated scripts and orchestration tools. 1158935f242SAllan JudePlease do not run 1168935f242SAllan Jude.Nm Cm fetch 1178935f242SAllan Judefrom crontab or similar using this flag, see: 1188935f242SAllan Jude.Nm Cm cron 119b39ce43eSColin Percival.It Fl -currently-running Ar release 1201a20115cSGlen BarberDo not detect the currently-running release; instead, assume that the 121b39ce43eSColin Percivalsystem is running the specified 122b39ce43eSColin Percival.Ar release . 123b39ce43eSColin PercivalThis is most likely to be useful when upgrading jails. 12448ffe56aSColin Percival.El 12548ffe56aSColin Percival.Sh COMMANDS 12648ffe56aSColin PercivalThe 12748ffe56aSColin Percival.Cm command 12848ffe56aSColin Percivalcan be any one of the following: 1298935f242SAllan Jude.Bl -tag -width "rollback" 13048ffe56aSColin Percival.It Cm fetch 13148ffe56aSColin PercivalBased on the currently installed world and the configuration 13248ffe56aSColin Percivaloptions set, fetch all available binary updates. 13348ffe56aSColin Percival.It Cm cron 13448ffe56aSColin PercivalSleep a random amount of time between 1 and 3600 seconds, 13548ffe56aSColin Percivalthen download updates as if the 13648ffe56aSColin Percival.Cm fetch 13748ffe56aSColin Percivalcommand was used. 13848ffe56aSColin PercivalIf updates are downloaded, an email will be sent 13948ffe56aSColin Percival(to root or a different address if specified via the 14048ffe56aSColin Percival.Fl t 14148ffe56aSColin Percivaloption or in the configuration file). 14248ffe56aSColin PercivalAs the name suggests, this command is designed for running 14348ffe56aSColin Percivalfrom 14448ffe56aSColin Percival.Xr cron 8 ; 14548ffe56aSColin Percivalthe random delay serves to minimize the probability that 14648ffe56aSColin Percivala large number of machines will simultaneously attempt to 14748ffe56aSColin Percivalfetch updates. 148db6b0a61SColin Percival.It Cm upgrade 149db6b0a61SColin PercivalFetch files necessary for upgrading to a new release. 150db6b0a61SColin PercivalBefore using this command, make sure that you read the 151db6b0a61SColin Percivalannouncement and release notes for the new release in 152db6b0a61SColin Percivalcase there are any special steps needed for upgrading. 153adbcc996SColin PercivalNote that this command may require up to 500 MB of space in 154adbcc996SColin Percival.Ar workdir 155adbcc996SColin Percivaldepending on which components of the 156adbcc996SColin Percival.Fx 157adbcc996SColin Percivalbase system are installed. 1588cfda118SMichael Gmelin.It Cm updatesready 1598cfda118SMichael GmelinCheck if there are fetched updates ready to install. 1608cfda118SMichael GmelinReturns exit code 2 if there are no updates to install. 16148ffe56aSColin Percival.It Cm install 162db6b0a61SColin PercivalInstall the most recently fetched updates or upgrade. 1638cfda118SMichael GmelinReturns exit code 2 if there are no updates to install 1648cfda118SMichael Gmelinand the 1658cfda118SMichael Gmelin.Cm fetch 1668cfda118SMichael Gmelincommand wasn't passed as an earlier argument in the same 1678cfda118SMichael Gmelininvocation. 16848ffe56aSColin Percival.It Cm rollback 16948ffe56aSColin PercivalUninstall the most recently installed updates. 17008e23beeSColin Percival.It Cm IDS 17108e23beeSColin PercivalCompare the system against a "known good" index of the 17208e23beeSColin Percivalinstalled release. 1738cfda118SMichael Gmelin.It Cm showconfig 1748cfda118SMichael GmelinShow configuration options after parsing conffile and command 1758cfda118SMichael Gmelinline options. 17648ffe56aSColin Percival.El 17748ffe56aSColin Percival.Sh TIPS 17848ffe56aSColin Percival.Bl -bullet 17948ffe56aSColin Percival.It 18048ffe56aSColin PercivalIf your clock is set to local time, adding the line 18148ffe56aSColin Percival.Pp 18248ffe56aSColin Percival.Dl 0 3 * * * root /usr/sbin/freebsd-update cron 18348ffe56aSColin Percival.Pp 18448ffe56aSColin Percivalto /etc/crontab will check for updates every night. 18587b66e43SColin PercivalIf your clock is set to UTC, please pick a random time 18648ffe56aSColin Percivalother than 3AM, to avoid overly imposing an uneven load 18748ffe56aSColin Percivalon the server(s) hosting the updates. 18808e23beeSColin Percival.It 18908e23beeSColin PercivalIn spite of its name, 19063d46d1dSUlrich Spörlein.Nm 19108e23beeSColin PercivalIDS should not be relied upon as an "Intrusion Detection 192c170a96bSJohn-Mark GurneySystem", since if the system has been tampered with 19308e23beeSColin Percivalit cannot be trusted to operate correctly. 19408e23beeSColin PercivalIf you intend to use this command for intrusion-detection 19508e23beeSColin Percivalpurposes, make sure you boot from a secure disk (e.g., a CD). 19648ffe56aSColin Percival.El 197*32f45927SMateusz Piotrowski.Sh ENVIRONMENT 198*32f45927SMateusz Piotrowski.Bl -tag -width "PAGER" 199*32f45927SMateusz Piotrowski.It Ev PAGER 200*32f45927SMateusz PiotrowskiThe pager program used to present various reports during the execution. 201*32f45927SMateusz Piotrowski.Po 202*32f45927SMateusz PiotrowskiDefault: 203*32f45927SMateusz Piotrowski.Dq Pa /usr/bin/less . 204*32f45927SMateusz Piotrowski.Pc 205*32f45927SMateusz Piotrowski.Pp 206*32f45927SMateusz Piotrowski.Ev PAGER 207*32f45927SMateusz Piotrowskican be set to 208*32f45927SMateusz Piotrowski.Dq cat 209*32f45927SMateusz Piotrowskiwhen a non-interactive pager is desired. 210*32f45927SMateusz Piotrowski.El 21148ffe56aSColin Percival.Sh FILES 21248ffe56aSColin Percival.Bl -tag -width "/etc/freebsd-update.conf" 2132710751bSJoel Dahl.It Pa /etc/freebsd-update.conf 21448ffe56aSColin PercivalDefault location of the 21548ffe56aSColin Percival.Nm 21648ffe56aSColin Percivalconfiguration file. 2172710751bSJoel Dahl.It Pa /var/db/freebsd-update/ 21848ffe56aSColin PercivalDefault location where 21948ffe56aSColin Percival.Nm 22048ffe56aSColin Percivalstores temporary files and downloaded updates. 22148ffe56aSColin Percival.El 22248ffe56aSColin Percival.Sh SEE ALSO 22348ffe56aSColin Percival.Xr freebsd-update.conf 5 22448ffe56aSColin Percival.Sh AUTHORS 22501c2b8acSBaptiste Daroussin.An Colin Percival Aq Mt cperciva@FreeBSD.org 226